It’s Time for TLS 1.2

Thursday September 19, 2013

In a previous post titled Getting the Most Out of SSL Part 2, we touched on the recommendation that Web servers be configured to prefer Transport Layer Security (TLS) version 1.2. With the planned release of Firefox 24 and recent release of Chrome 29 adding support for TLS 1.2, now is a great time for website administrators to make the switch.

Transport Layer Security was formerly called Secure Sockets Layer (SSL) and is the protocol that enables secure “https://” connections to websites. TLS 1.2 was defined 5 years ago in RFC 5246, and TLS 1.1 dates all the way back to RFC 4346 in 2006. Both of these versions are updates to the original standard that fix bugs and problems including vulnerability to cipher block chaining (CBC) such as the BEAST attack that made news in 2011. The authors also added newer cipher suites including a replacement for RC4, a popular cipher that has been shown to be susceptible to attack. In short, enabling TLS 1.2 is like a Windows software update – it fixes potential problems and makes your website more secure.

In 2011, statistics from Qualys showed that an overwhelming majority of web servers support TLS 1.0, with almost no support for TLS 1.1 or 1.2. Since then, support for 1.1 and 1.2 in browsers has improved greatly with the current version of all major browser now supporting 1.2. Unfortunately, both the browser and server must support a given version of TLS to enable its use. You can find out if your website currently supports TLS 1.2 using this SSL Configuration Checker.

By taking the time to enable TLS 1.2 on your web server, you can benefit in a couple of ways. If you don’t have TLS 1.1 enabled, then you will gain resistance to the BEAST attack. With TLS 1.2 you will also gain more secure cipher suites that reduce reliance on RC4. The recently disclosed RC4 weakness isn’t yet practical to exploit because it requires the attacker to observe millions of connections, but you should expect that to change. You will also gain stronger ciphers that prepare your site in the event that new vulnerabilities are found in the older protocols or other older ciphers. If you are still relying on SSL 3.0 (the predecessor to TLS 1.0), then you can add better performance to the list of benefits because TLS will allow you to enable OCSP stapling.

Enabling TLS 1.2 on your site also helps to solve the “chicken and egg” problem that currently exists. Browsers are beginning to enable TLS 1.2 by default, but in a small number of cases this can actually cause problems for users connecting to sites that don’t support TLS 1.2 because they don’t properly negotiate to a different version of the protocol.

The steps required to enable TLS 1.2 vary depending on your web server software and version. It may be a matter of updating a configuration setting, or you may need to upgrade your server software. A web search for “TLS 1.2” and your web server should provide the information you need.

Just as Certificate Authorities are moving to longer key sizes and SHA2 before a serious vulnerability is found and exploited, turning on TLS 1.2 is a way that you can future-proof your website and help to move internet security forward.

This article was originally published by the "CA Security Council". In 2021 the CASC was restructred and renamed to the "Public Key Infrastructure Consortium" shortly "PKI Consortium".

Learn more about the PKI Consortium
Participate in our community discussions and/or join the consortium